Configuring NTP. Information About NTP. NTP Overview. Send document comments to CHAPTER
|
|
- Cecil Bond
- 8 years ago
- Views:
Transcription
1 3 CHAPTER This chapter describes how to configure the Network Time Protocol (NTP) on Cisco NX-OS devices. This chapter includes the following sections: Information About NTP, page 3-1 Licensing Requirements for NTP, page 3-3 Prerequisites for NTP, page 3-3 Guidelines and Limitations, page 3-3 Default Settings, page 3-4, page 3-4 Verifying the NTP Configuration, page 3-17 Configuration Examples for NTP, page 3-18 Additional References, page 3-19 Feature History for NTP, page 3-20 Information About NTP This section includes the following topics: NTP Overview, page 3-1 NTP as Time Server, page 3-2 Distributing NTP Using CFS, page 3-2 Clock Manager, page 3-2 High Availability, page 3-3 Virtualization Support, page 3-3 NTP Overview The Network Time Protocol (NTP) synchronizes the time of day among a set of distributed time servers and clients so that you can correlate events when you receive system logs and other time-specific events from multiple network devices. NTP uses the User Datagram Protocol (UDP) as its transport protocol. All NTP communications use Coordinated Universal Time (UTC). 3-1
2 Information About NTP Chapter 3 An NTP server usually receives its time from an authoritative time source, such as a radio clock or an atomic clock attached to a time server, and then distributes this time across the network. NTP is extremely efficient; no more than one packet per minute is necessary to synchronize two machines to within a millisecond of each other. NTP uses a stratum to describe the distance between a network device and an authoritative time source: A stratum 1 time server is directly attached to an authoritative time source (such as a radio or atomic clock or a GPS time source). A stratum 2 NTP server receives its time through NTP from a stratum 1 time server. Before synchronizing, NTP compares the time reported by several network devices and does not synchronize with one that is significantly different, even if it is a stratum 1. Because Cisco NX-OS cannot connect to a radio or atomic clock and act as a stratum 1 server, we recommend that you use the public NTP servers available on the Internet. If the network is isolated from the Internet, Cisco NX-OS allows you to configure the time as though it were synchronized through NTP, even though it was not. Note You can create NTP peer relationships to designate the time-serving hosts that you want your network device to consider synchronizing with and to keep accurate time if a server failure occurs. The time kept on a device is a critical resource, so we strongly recommend that you use the security features of NTP to avoid the accidental or malicious setting of incorrect time. Two mechanisms are available: an access list-based restriction scheme and an encrypted authentication mechanism. NTP as Time Server Beginning with Cisco NX-OS Release 5.2, the Cisco NX-OS device can use NTP to distribute time. Other devices can configure it as a time server. You can also configure the device to act as an authoritative NTP server, enabling it to distribute time even when it is not synchronized to an outside time source. Distributing NTP Using CFS Cisco Fabric Services (CFS) distributes the local NTP configuration to all Cisco devices in the network. After enabling CFS on your device, a network-wide lock is applied to NTP whenever an NTP configuration is started. After making the NTP configuration changes, you can discard or commit them. In either case, the CFS lock is then released from the NTP application. For more information about CFS, see the Configuring CFS section on page 2-1. Clock Manager Clocks are resources that need to be shared across different processes and across different VDCs. Multiple time synchronization protocols, such as NTP and Precision Time Protocol (PTP), might be running in the system, and multiple instances of the same protocol might be running in different VDCs. Beginning with Cisco NX-OS Release 5.2, the clock manager allows you to specify the protocol and a VDC running that protocol to control the various clocks in the system. Once you specify the protocol and VDC, the system clock starts updating. For information on configuring the clock manager, see the Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide, Release 5.x. 3-2
3 Chapter 3 Licensing Requirements for NTP High Availability Stateless restarts are supported for NTP. After a reboot or a supervisor switchover, the running configuration is applied. For more information on high availability, see the Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide, Release 5.x. You can configure NTP peers to provide redundancy in case an NTP server fails. Virtualization Support If you are running a Cisco NX-OS Release prior to 5.2, up to one instance of NTP is supported on the entire platform. You must configure NTP in the default virtual device context (VDC), and you are automatically placed in the default VDC unless you specify otherwise. If you are running Cisco NX-OS Release 5.2 or later, multiple instances of NTP are supported, one instance per VDC. By default, Cisco NX-OS places you in the default VDC unless you specifically configure another VDC. Only one VDC (the default VDC by default) synchronizes the system clock at any given time. The NTP daemon in all other VDCs acts only as an NTP server for the other devices. To change which VDC synchronizes the system clock, use the clock protocol ntp vdc vdc-id command. NTP recognizes virtual routing and forwarding (VRF) instances. NTP uses the default VRF if you do not configure a specific VRF for the NTP server and NTP peer. See the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x for more information about VRFs. For more information about VDCs, see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x. Licensing Requirements for NTP Product Cisco NX-OS License Requirement NTP requires no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide. Prerequisites for NTP NTP has the following prerequisites: To configure NTP, you must have connectivity to at least one server that is running NTP. To configure VDCs, you must install the Advanced Services license. See the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x. Guidelines and Limitations NTP has the following configuration guidelines and limitations: 3-3
4 Default Settings Chapter 3 NTP server functionality is supported starting in Cisco NX-OS Release 5.2. You should have a peer association with another device only when you are sure that your clock is reliable (which means that you are a client of a reliable NTP server). A peer configured alone takes on the role of a server and should be used as a backup. If you have two servers, you can configure several devices to point to one server and the remaining devices to point to the other server. You can then configure a peer association between these two servers to create a more reliable NTP configuration. If you have only one server, you should configure all the devices as clients to that server. You can configure up to 64 NTP entities (servers and peers). If CFS is disabled for NTP, then NTP does not distribute any configuration and does not accept a distribution from other devices in the network. After CFS distribution is enabled for NTP, the entry of an NTP configuration command locks the network for NTP configuration until a commit command is entered. During the lock, no changes can be made to the NTP configuration by any other device in the network except the device that initiated the lock. If you use CFS to distribute NTP, all devices in the network should have the same VRFs configured as you use for NTP. If you configure NTP in a VRF, ensure that the NTP server and peers can reach each other through the configured VRFs. You must manually distribute NTP authentication keys on the NTP server and Cisco NX-OS devices across the network. Default Settings Table 3-1 lists the default settings for NTP parameters. Table 3-1 Default NTP Parameters Parameters NTP NTP authentication NTP access NTP logging Default Enabled in all VDCs Disabled Enabled Disabled This section includes the following topics: Enabling or Disabling NTP, page 3-5 Configuring the Device as an Authoritative NTP Server, page 3-6 Configuring an NTP Server and Peer, page 3-7 Authentication, page 3-10 Access Restrictions, page
5 Chapter 3 Configuring the NTP Source IP Address, page 3-13 Configuring the NTP Source Interface, page 3-13 on a Secondary (Non-Default) VDC, page 3-13 Logging, page 3-14 Enabling CFS Distribution for NTP, page 3-15 Committing NTP Configuration Changes, page 3-16 Discarding NTP Configuration Changes, page 3-17 Releasing the CFS Session Lock, page 3-17 Note Be aware that the Cisco NX-OS commands for this feature may differ from those commands used in Cisco IOS. Enabling or Disabling NTP You can enable or disable NTP in a particular VDC. NTP is enabled in all VDCs by default. BEFORE YOU BEGIN Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. SUMMARY STEPS 1. config t 2. [no] feature ntp 3. (Optional) show ntp status 4. (Optional) copy running-config startup-config DETAILED STEPS Step 1 Step 2 config t Enter configuration commands, one per line. End with CNTL/Z. [no] feature ntp feature ntp Places you in global configuration mode. Enables or disables NTP in a particular VDC. NTP is enabled by default. Note If you are running a Cisco NX-OS Release prior to 5.2, NTP is enabled or disabled using the [no] ntp enable command. 3-5
6 Chapter 3 Step 3 show ntp status show ntp status Distribution: Enabled Last operational state: Fabric Locked (Optional) Displays the status of the NTP application. Step 4 copy running-config startup-config copy running-config startup-config (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. This example shows how to disable NTP: Enter configuration commands, one per line. End with CNTL/Z. no feature ntp Configuring the Device as an Authoritative NTP Server BEFORE YOU BEGIN SUMMARY STEPS DETAILED STEPS You can configure the device to act as an authoritative NTP server, enabling it to distribute time even when it is not synchronized to an existing time server. Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. 1. config t 2. [no] ntp master [stratum] 3. (Optional) show running-config ntp 4. (Optional) copy running-config startup-config Step 1 Step 2 config t Enter configuration commands, one per line. End with CNTL/Z. [no] ntp master [stratum] ntp master Places you in global configuration mode. Configures the device as an authoritative NTP server. You can specify a different stratum level from which NTP clients get their time synchronized. The range is from 1 to
7 Chapter 3 Step 3 show running-config ntp show running-config ntp (Optional) Displays the NTP configuration. Step 4 copy running-config startup-config copy running-config startup-config (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. This example shows how to configure the Cisco NX-OS device as an authoritative NTP server with a different stratum level: Enter configuration commands, one per line. End with CNTL/Z. ntp master 5 Configuring an NTP Server and Peer BEFORE YOU BEGIN SUMMARY STEPS You can configure an NTP server and peer. Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. Make sure you know the IP address or DNS names of your NTP server and its peers. If you plan to use CFS to distribute your NTP configuration to other devices, then you should have already completed the following: Enabled CFS distribution using the Configuring CFS Distribution section on page 2-6. Enabled CFS for NTP using the Enabling CFS Distribution for NTP section on page config t 2. [no] ntp server {ip-address ipv6-address dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name] 3. [no] ntp peer {ip-address ipv6-address dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name] 4. (Optional) show ntp peers 5. (Optional) copy running-config startup-config 3-7
8 Chapter 3 DETAILED STEPS Step 1 config t Places you in global configuration mode. Enter configuration commands, one per line. End with CNTL/Z. Step 2 [no] ntp server {ip-address ipv6-address dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name] ntp server Forms an association with a server. Use the key keyword to configure a key to be used while communicating with the NTP server. The range for the key-id argument is from 1 to Use the maxpoll and minpoll keywords to configure the maximum and minimum intervals in which to poll a peer. The range for the max-poll and min-poll arguments is from 4 to 16 seconds, and the default values are 6 and 4, respectively. Use the prefer keyword to make this the preferred NTP server for the device. Use the use-vrf keyword to configure the NTP server to communicate over the specified VRF. The vrf-name argument can be default, management, or any case-sensitive alphanumeric string up to 32 characters. Note If you configure a key to be used while communicating with the NTP server, make sure that the key exists as a trusted key on the device. For more information on trusted keys, see the Configuring NTP Authentication section on page
9 Chapter 3 Step 3 [no] ntp peer {ip-address ipv6-address dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name] Step 4 Step 5 ntp peer 2001:0db8::4101 show ntp peers show ntp peers copy running-config startup-config copy running-config startup-config Forms an association with a peer. You can specify multiple peer associations. Use the key keyword to configure a key to be used while communicating with the NTP peer. The range for the key-id argument is from 1 to Use the maxpoll and minpoll keywords to configure the maximum and minimum intervals in which to poll a peer. The range for the max-poll and min-poll arguments is from 4 to 17 seconds, and the default values are 6 and 4, respectively. Use the prefer keyword to make this the preferred NTP peer for the device. Use the use-vrf keyword to configure the NTP peer to communicate over the specified VRF. The vrf-name argument can be default, management, or any case-sensitive alphanumeric string up to 32 characters. (Optional) Displays the configured server and peers. Note A domain name is resolved only when you have a DNS server configured. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. This example shows how to configure an NTP server and peer: Enter configuration commands, one per line. End with CNTL/Z. ntp server key 10 use-vrf Red ntp peer 2001:0db8::4101 prefer use-vrf Red show ntp peers Peer IP Address Serv/Peer :0db8::4101 Peer (configured) Server (configured) copy running-config startup-config [########################################] 100% 3-9
10 Chapter 3 Authentication BEFORE YOU BEGIN SUMMARY STEPS DETAILED STEPS You can configure the device to authenticate the time sources to which the local clock is synchronized. When you enable NTP authentication, the device synchronizes to a time source only if the source carries one of the authentication keys specified by the ntp trusted-key command. The device drops any packets that fail the authentication check and prevents them from updating the local clock. NTP authentication is disabled by default. Make sure that you configured the NTP server with the authentication keys that you plan to specify in this procedure. See the Configuring an NTP Server and Peer section on page 3-7 for information. Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. 1. config t 2. [no] ntp authentication-key number md5 md5-string 3. (Optional) show ntp authentication-keys 4. [no] ntp trusted-key number 5. (Optional) show ntp trusted-keys 6. [no] ntp authenticate 7. (Optional) show ntp authentication-status 8. (Optional) copy running-config startup-config Step 1 Step 2 config t Enter configuration commands, one per line. End with CNTL/Z. [no] ntp authentication-key number md5 md5-string ntp authentication-key 42 md5 anicekey Places you in global configuration mode. Defines the authentication keys. The device does not synchronize to a time source unless the source has one of these authentication keys and the key number is specified by the ntp trusted-key number command. The range for authentication keys is from 1 to Cisco NX-OS Release 5.2(3) and later 5.x releases support up to 15 alphanumeric characters for the MD5 string. Earlier releases support up to 8 alphanumeric characters. 3-10
11 Chapter 3 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 show ntp authentication-keys show ntp authentication-keys [no] ntp trusted-key number ntp trusted-key 42 show ntp trusted-keys show ntp trusted-keys [no] ntp authenticate ntp authenticate show ntp authentication-status show ntp authentication-status copy running-config startup-config copy running-config startup-config (Optional) Displays the configured NTP authentication keys. Specifies one or more keys (defined in Step 2) that a time source must provide in its NTP packets in order for the device to synchronize to it. The range for trusted keys is from 1 to This command provides protection against accidentally synchronizing the device to a time source that is not trusted. (Optional) Displays the configured NTP trusted keys. Enables or disables the NTP authentication feature. NTP authentication is disabled by default. (Optional) Displays the status of NTP authentication. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. This example shows how to configure the device to synchronize only to time sources that provide authentication key 42 in their NTP packets: Enter configuration commands, one per line. End with CNTL/Z. ntp authentication-key 42 md5 anicekey ntp trusted-key 42 ntp authenticate copy running-config startup-config [########################################] 100% Access Restrictions BEFORE YOU BEGIN You can control access to NTP services by using access groups. Specifically, you can specify the types of requests that the device allows and the servers from which it accepts responses. If you do not configure any access groups, NTP access is granted to all devices. If you configure any access groups, NTP access is granted only to the remote device whose source IP address passes the access list criteria. Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. 3-11
12 Chapter 3 SUMMARY STEPS 1. config t 2. [no] ntp access-group {peer serve serve-only query-only} access-list-name 3. (Optional) show ntp access-groups 4. (Optional) copy running-config startup-config DETAILED STEPS Step 1 config t Places you in global configuration mode. Enter configuration commands, one per line. End with CNTL/Z. Step 2 [no] ntp access-group {peer serve serve-only query-only} access-list-name Step 3 Step 4 ntp access-group peer accesslist1 show ntp access-groups show ntp access-groups copy running-config startup-config copy running-config startup-config Creates or removes an access group to control NTP access and applies a basic IP access list. The access group options are scanned in the following order, from least restrictive to most restrictive. However, if NTP matches a deny ACL rule in a configured peer, ACL processing stops and does not continue to the next access group option. The peer keyword enables the device to receive time requests and NTP control queries and to synchronize itself to the servers specified in the access list. The serve keyword enables the device to receive time requests and NTP control queries from the servers specified in the access list but not to synchronize itself to the specified servers. The serve-only keyword enables the device to receive only time requests from servers specified in the access list. The query-only keyword enables the device to receive only NTP control queries from the servers specified in the access list. (Optional) Displays the NTP access group configuration. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. 3-12
13 Chapter 3 This example shows how to configure the device to allow it to synchronize to a peer from access group accesslist1 : ntp access-group peer accesslist1 show ntp access-groups Access List Type accesslist1 Peer copy running-config startup-config [########################################] 100% Configuring the NTP Source IP Address NTP sets the source IP address for all NTP packets based on the address of the interface through which the NTP packets are sent. You can configure NTP to use a specific source IP address. To configure the NTP source IP address, use the following command in global configuration mode: [no] ntp source ip-address ntp source Configures the source IP address for all NTP packets. The ip-address can be in IPv4 or IPv6 format. Configuring the NTP Source Interface You can configure NTP to use a specific interface. To configure the NTP source interface, use the following command in global configuration mode: [no] ntp source-interface interface ntp source-interface ethernet 2/1 Configures the source interface for all NTP packets. Use the? keyword to display a list of supported interfaces. on a Secondary (Non-Default) VDC BEFORE YOU BEGIN You can configure a non-default VDC to get a timing update from the default VDC and its clients in order to synchronize with it. Use the switchto vdc command to switch to the desired non-default VDC. 3-13
14 Chapter 3 SUMMARY STEPS 1. config t 2. feature ntp 3. ntp master 4. (Optional) ntp source-interface interface 5. (Optional) ntp source ip-address 6. (Optional) copy running-config startup-config DETAILED STEPS Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 config t Enter configuration commands, one per line. End with CNTL/Z. feature ntp feature ntp ntp master ntp master ntp source-interface interface ntp source-interface ethernet 2/1 ntp source ip-address ntp source copy running-config startup-config copy running-config startup-config Places you in global configuration mode. Enables NTP in the non-default VDC. Configures the device as an authoritative NTP server. (Optional) Configures the source interface for all NTP packets. Use the? keyword to display a list of supported interfaces. (Optional) Configures the source IP address for all NTP packets. The ip-address can be in IPv4 or IPv6 format. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. Logging BEFORE YOU BEGIN You can configure NTP logging in order to generate system logs with significant NTP events. NTP logging is disabled by default. Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command. 3-14
15 Chapter 3 SUMMARY STEPS 1. config t 2. [no] ntp logging 3. (Optional) show ntp logging-status 4. (Optional) copy running-config startup-config DETAILED STEPS Step 1 Step 2 Step 3 Step 4 config t Enter configuration commands, one per line. End with CNTL/Z. [no] ntp logging ntp logging show ntp logging-status show ntp logging-status copy running-config startup-config copy running-config startup-config Places you in global configuration mode. Enables or disables system logs to be generated with significant NTP events. NTP logging is disabled by default. (Optional) Displays the NTP logging configuration status. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. This example shows how to enable NTP logging in order to generate system logs with significant NTP events: ntp logging copy running-config startup-config [########################################] 100% Enabling CFS Distribution for NTP BEFORE YOU BEGIN You can enable CFS distribution for NTP in order to distribute the NTP configuration to other CFS-enabled devices. Make sure that you have enabled CFS distribution for the device using the Configuring CFS Distribution section on page
16 Chapter 3 SUMMARY STEPS 1. config t 2. [no] ntp distribute 3. (Optional) show ntp status 4. (Optional) copy running-config startup-config DETAILED STEPS Step 1 Step 2 Step 3 Step 4 config t Enter configuration commands, one per line. End with CNTL/Z. [no] ntp distribute ntp distribute show ntp status show ntp status copy running-config startup-config copy running-config startup-config Places you in global configuration mode. Enables or disables the device to receive NTP configuration updates that are distributed through CFS. (Optional) Displays the NTP CFS distribution status. (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. Committing NTP Configuration Changes When you commit the NTP configuration changes, the effective database is overwritten by the configuration changes in the pending database and all the devices in the network receive the same configuration. To commit the NTP configuration changes, use the following command in global configuration mode: ntp commit ntp commit Distributes the NTP configuration changes to all Cisco NX-OS devices in the network and releases the CFS lock. This command overwrites the effective database with the changes made to the pending database. 3-16
17 Chapter 3 Verifying the NTP Configuration Discarding NTP Configuration Changes After making the configuration changes, you can choose to discard the changes instead of committing them. If you discard the changes, Cisco NX-OS removes the pending database changes and releases the CFS lock. To discard NTP configuration changes, use the following command in global configuration mode: ntp abort ntp abort Discards the NTP configuration changes in the pending database and releases the CFS lock. Use this command on the device where you started the NTP configuration. Releasing the CFS Session Lock If you have performed an NTP configuration and have forgotten to release the lock by either committing or discarding the changes, you or another administrator can release the lock from any device in the network. This action also discards pending database changes. To release the session lock from any device and discard any pending database changes, use the following command in global configuration mode: clear ntp session clear ntp session Discards the NTP configuration changes in the pending database and releases the CFS lock. Verifying the NTP Configuration To display the NTP configuration, perform one of the following tasks: show ntp access-groups show ntp authentication-keys show ntp authentication-status show ntp internal show ntp logging-status show ntp peer-status show ntp peers show ntp pending show ntp pending-diff Displays the NTP access group configuration. Displays the configured NTP authentication keys. Displays the status of NTP authentication. Displays internal NTP information. Displays the NTP logging status. Displays the status for all NTP servers and peers. Displays all the NTP peers. Displays the temporary CFS database for NTP. Displays the difference between the pending CFS database and the current NTP configuration. 3-17
18 Configuration Examples for NTP Chapter 3 show ntp rts-update show ntp session status show ntp source show ntp source-interface show ntp statistics {io local memory peer {ipaddr {ipv4-addr ipv6-addr} name peer-name}} show ntp status show ntp trusted-keys show running-config ntp Displays the RTS update status. Displays the NTP CFS distribution session information. Displays the configured NTP source IP address. Displays the configured NTP source interface. Displays the NTP statistics. Displays the NTP CFS distribution status. Displays the configured NTP trusted keys. Displays NTP information. Use the clear ntp session command to clear the NTP sessions. Use the clear ntp statistics command to clear the NTP statistics. Configuration Examples for NTP This example shows how to configure an NTP server and peer, enable NTP authentication, enable NTP logging, and then save the configuration in startup so that it is saved across reboots and restarts: Enter configuration commands, one per line. End with CNTL/Z. ntp server key 42 ntp peer 2001:0db8::4101 show ntp peers Peer IP Address Serv/Peer :db8::4101 Peer (configured) Server (configured) ntp authentication-key 42 md5 anicekey show ntp authentication-keys Auth key MD5 String anicekey ntp trusted-key 42 show ntp trusted-keys Trusted Keys: 42 ntp authenticate show ntp authentication-status Authentication enabled. ntp logging show ntp logging NTP logging enabled. copy running-config startup-config [########################################] 100% 3-18
19 Chapter 3 Additional References This example shows an NTP access group configuration with the following restrictions: Peer restrictions are applied to IP addresses that pass the criteria of the access list named peer-acl. Serve restrictions are applied to IP addresses that pass the criteria of the access list named serve-acl. Serve-only restrictions are applied to IP addresses that pass the criteria of the access list named serve-only-acl. Query-only restrictions are applied to IP addresses that pass the criteria of the access list named query-only-acl. ntp peer ntp peer ntp peer ntp peer ntp peer ntp peer ntp peer ntp peer ntp access-group peer peer-acl ntp access-group serve serve-acl ntp access-group serve-only serve-only-acl ntp access-group query-only query-only-acl ip access-list peer-acl switch(config-acl)# 10 permit ip host any switch(config-acl)# 20 permit ip host any ip access-list serve-acl switch(config-acl)# 10 permit ip host any switch(config-acl)# 20 permit ip host any ip access-list serve-only-acl switch(config-acl)# 10 permit ip host any switch(config-acl)# 20 permit ip host any ip access-list query-only-acl switch(config-acl)# 10 permit ip host any switch(config-acl)# 20 permit ip host any Additional References For additional information related to implementing NTP, see the following sections: Related Documents, page 3-20 MIBs, page
20 Feature History for NTP Chapter 3 Related Documents Related Topic NTP CLI commands Clock manager VDCs and VRFs Document Title Cisco Nexus 7000 Series NX-OS System Management Reference Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide, Release 5.x Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x MIBs MIBs MIBs Link CISCO-NTP-MIB To locate and download MIBs, go to the following URL: Feature History for NTP Table 3-2 lists the release history for this feature. Table 3-2 Feature History for NTP Feature Name Releases Feature Information NTP 5.2(3) Increased the length of NTP authentication keys from 8 to 15 alphanumeric characters. NTP 5.2(1) Added NTP support for all VDCs, enabling them to act as time servers. See the Virtualization Support section on page 3-3. NTP 5.2(1) Changed the command to enable or disable NTP from [no] ntp enable to [no] feature ntp. See the Enabling or Disabling NTP section on page 3-5. NTP 5.2(1) Added the ability to configure the device as an authoritative NTP server, enabling it to distribute time even when it is not synchronized to an existing time server. See the Configuring the Device as an Authoritative NTP Server section on page 3-6. NTP access groups 5.2(1) Added the serve, serve-only, and query-only access group options to control access to additional NTP services. See the Access Restrictions section on page NTP 5.1(1) No change from Release 5.0. NTP access groups 5.0(2) Added the ability to control access to NTP services by using access groups. See the Access Restrictions section on page
21 Chapter 3 Feature History for NTP Table 3-2 Feature History for NTP (continued) Feature Name Releases Feature Information NTP authentication 5.0(2) Added the ability to enable or disable NTP authentication. See the Authentication section on page NTP logging 5.0(2) Added the ability to enable or disable NTP logging. See the Logging section on page NTP server configuration 5.0(2) Added the optional key keyword to the ntp server command to configure a key to be used while communicating with the NTP server. See the Configuring an NTP Server and Peer section on page 3-7. CFS support 4.2(1) Added the ability to distribute NTP configuration using CFS. See the Enabling CFS Distribution for NTP section on page NTP source IP address or interface 4.1(3) Added the ability set the source IP address or source interface that NTP includes in all NTP packets sent to peers. NTP 4.0(3) Added the ability to disable NTP. See the Enabling or Disabling NTP section on page
22 Feature History for NTP Chapter
Configuring NTP. Information about NTP. NTP Overview. Send document comments to nexus1k-docfeedback@cisco.com. CHAPTER
CHAPTER 8 This chapter describes how to configure the Network Time Protocol (NTP) and includes the following topics: Information about NTP, page 8-1 Prerequisites for NTP, page 8-3 Configuration Guidelines
More informationSend document comments to nexus7k-docfeedback@cisco.com.
CHAPTER 4 This chapter describes how to configure the Domain Name Server (DNS) client. This chapter includes the following sections: Information About DNS Clients, page 4-1 Licensing Requirements for DNS
More informationConfiguring System Message Logging
CHAPTER 5 This chapter describes how to configure system message logging on Cisco NX-OS devices. This chapter includes the following sections: Information About System Message Logging, page 5-1 Licensing
More informationConfiguring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER
CHAPTER 16 This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices. This chapter includes the following sections: Information About NetFlow, page 16-1 Licensing Requirements
More informationConfiguring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER
CHAPTER 19 This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices. This chapter includes the following sections: Information About NetFlow, page 19-1 Licensing Requirements
More informationConfiguring MPLS Hub-and-Spoke Layer 3 VPNs
CHAPTER 23 This chapter describes how to configure a hub-and-spoke topology for Multiprotocol Layer Switching (MPLS) Layer 3 virtual private networks (VPNs) on Cisco NX-OS devices. This chapter includes
More informationConfiguring ECMP for Host Routes
CHAPTER 8 This chapter describes how to configure the equal-cost multipathing (ECMP) protocol for host routes on the Cisco NX-OS switch. This chapter includes the following sections: Information About
More informationConfiguring Password Encryption
This chapter describes how to configure password encryption on Cisco NX-OS devices. This chapter includes the following sections: Information About Password Encryption, page 1 Licensing Requirements for
More informationConfiguring SSH and Telnet
This chapter describes how to configure Secure Shell Protocol (SSH) and Telnet on Cisco NX-OS devices. This chapter includes the following sections: Finding Feature Information, page 1 Information About
More informationConfiguring Basic Settings
CHAPTER 10 This chapter describes how to configure basic settings on your ASA that are typically required for a functioning configuration. This chapter includes the following sections: Configuring the
More informationConfiguring Password Encryption
This chapter describes how to configure password encryption on Cisco NX-OS devices. This chapter includes the following sections: Finding Feature Information, page 1 Information About Password Encryption,
More informationConfiguring Static and Dynamic NAT Translation
This chapter contains the following sections: Network Address Translation Overview, page 1 Information About Static NAT, page 2 Dynamic NAT Overview, page 3 Timeout Mechanisms, page 4 NAT Inside and Outside
More informationConfiguring System Message Logging
This chapter describes how to configure system message logging on the Cisco Nexus 5000 Series switch and contains the following sections: Information About System Message Logging, page 1, page 2 Verifying
More informationConfiguring the Scheduler
CHAPTER 10 This chapter describes how to configure the scheduler on Cisco NX-OS devices. This chapter includes the following sections: Information About the Scheduler, page 10-1 Licensing Requirements
More informationNetwork Time Management Configuration. Content CHAPTER 1 SNTP CONFIGURATION... 1-1 CHAPTER 2 NTP FUNCTION CONFIGURATION... 2-1
Content Content CHAPTER 1 SNTP CONFIGURATION... 1-1 1.1 INTRODUCTION TO SNTP... 1-1 1.2 TYPICAL EXAMPLES OF SNTP CONFIGURATION... 1-1 CHAPTER 2 NTP FUNCTION CONFIGURATION... 2-1 2.1 INTRODUCTION TO NTP
More informationConfiguring MAC ACLs
Send document comments to nexus7k-docfeedback@cisco.com 12 CHAPTER This chapter describes how to configure MAC access lists (ACLs) on NX-OS devices. This chapter includes the following sections: Information
More informationYou can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource
The feature enables the configuration of a Virtual Private Network (VPN) routing and forwarding instance (VRF) table so that the domain name system (DNS) can forward queries to name servers using the VRF
More informationConfiguring NetFlow. Information About NetFlow. Send document comments to nexus1k-docfeedback@cisco.com. CHAPTER
CHAPTER 11 Use this chapter to configure NetFlow to characterize IP traffic based on its source, destination, timing, and application information, to assess network availability and performance. This chapter
More informationEnabling Remote Access to the ACE
CHAPTER 2 This chapter describes how to configure remote access to the Cisco Application Control Engine (ACE) module by establishing a remote connection by using the Secure Shell (SSH) or Telnet protocols.
More information- The PIX OS Command-Line Interface -
1 PIX OS Versions - The PIX OS Command-Line Interface - The operating system for Cisco PIX/ASA firewalls is known as the PIX OS. Because the PIX product line was acquired and not originally developed by
More informationConnecting to the Firewall Services Module and Managing the Configuration
CHAPTER 3 Connecting to the Firewall Services Module and This chapter describes how to access the command-line interface and work with the configuration. This chapter includes the following sections: Connecting
More informationConfiguring System Message Logging
CHAPTER 1 This chapter describes how to configure system message logging on the Cisco 4700 Series Application Control Engine (ACE) appliance. Each ACE contains a number of log files that retain records
More informationAdding an Extended Access List
CHAPTER 11 This chapter describes how to configure extended access lists (also known as access control lists), and it includes the following topics: Information About Extended Access Lists, page 11-1 Licensing
More informationCisco Nexus 7000 Series NX-OS System Management Configuration Guide
Cisco Nexus 7000 Series NX-OS System Management Configuration Guide First Published: November 20, 2013 Last Modified: March 26, 2015 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San
More informationISE TACACS+ Configuration Guide for Cisco NX-OS Based Network Devices. Secure Access How-to User Series
ISE TACACS+ Configuration Guide for Cisco NX-OS Based Network Devices Secure Access How-to User Series Author: Technical Marketing, Policy and Access, Security Business Group, Cisco Systems Date: January
More informationConfiguring iscsi Multipath
CHAPTER 13 Revised: April 27, 2011, OL-20458-01 This chapter describes how to configure iscsi multipath for multiple routes between a server and its storage devices. This chapter includes the following
More informationConfiguring Role-Based Access Control
5 CHAPTER This chapter describes how to configure role-based access control (RBAC) on the Cisco Application Control Engine (ACE) module. This chapter contains the following sections: Information About
More informationConfiguring Auto Policy-Based Routing
This chapter describes how to configure the Auto Policy-Based Routing (PBR) feature on the Citrix NetScaler Application Delivery Controller (ADC) appliance to ensure that return traffic from the real server
More informationConfiguring NetFlow Secure Event Logging (NSEL)
75 CHAPTER This chapter describes how to configure NSEL, a security logging mechanism that is built on NetFlow Version 9 technology, and how to handle events and syslog messages through NSEL. The chapter
More informationConfiguring VIP and Virtual IP Interface Redundancy
CHAPTER 6 Configuring VIP and Virtual IP Interface Redundancy This chapter describes how to plan for and configure Virtual IP (VIP) and Virtual IP Interface Redundancy on the CSS. Information in this chapter
More informationCCNA Security. Chapter Two Securing Network Devices. 2009 Cisco Learning Institute.
CCNA Security Chapter Two Securing Network Devices 1 The Edge Router What is the edge router? - The last router between the internal network and an untrusted network such as the Internet - Functions as
More informationBasic Configuration of the Cisco 12000 Series Internet Router
CHAPTER 2 Basic Configuration of the Cisco 12000 Series Internet Router This chapter describes how to boot and configure the Cisco 12000 Series Internet Router. It discusses the following subjects: Cisco
More informationBacking Up and Restoring Data
Backing Up and Restoring Data Cisco Unity Express backup and restore functions use an FTP server to store and retrieve data. The backup function copies the files from the Cisco Unity Express application
More informationConfiguring Class Maps and Policy Maps
CHAPTER 4 Configuring Class Maps and Policy Maps This chapter describes how to configure class maps and policy maps to provide a global level of classification for filtering traffic received by or passing
More informationConfiguring Network Address Translation
CHAPTER5 Configuring Network Address Translation The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. This chapter contains the following major sections
More informationEncrypted Preshared Key
The feature allows you to securely store plain text passwords in type 6 (encrypted) format in NVRAM. Feature History for Release Modification 12.3(2)T This feature was introduced. Finding Support Information
More informationChapter 3 Using Access Control Lists (ACLs)
Chapter 3 Using Access Control Lists (ACLs) Access control lists (ACLs) enable you to permit or deny packets based on source and destination IP address, IP protocol information, or TCP or UDP protocol
More informationEncrypted Preshared Key
Encrypted Preshared Key The Encrypted Preshared Key feature allows you to securely store plain text passwords in type 6 (encrypted) format in NVRAM. Feature History for Encrypted Preshared Key Release
More informationGLBP - Gateway Load Balancing Protocol
GLBP - Gateway Load Balancing Protocol Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy
More informationDNS Commands ip dns spoofing
DNS Commands ip dns spoofing ip dns spoofing To enable Domain Name System (DNS) spoofing, use the ip dns spoofing command in global configuration mode. To disable DNS spoofing, use the no form of this
More informationConfiguring Syslog Server on Cisco Routers with Cisco SDM
Configuring Syslog Server on Cisco Routers with Cisco SDM Syslog is a standard for forwarding log messages in an Internet Protocol (IP) computer network. It allows separation of the software that generates
More informationConfiguring Network Load Balancing for vethernet
CHAPTER 7 Configuring Network Load Balancing for vethernet This chapter includes the following sections: Information About Microsoft Network Load Balancing, page 7-1 Configuring veths for Running Microsoft
More informationLab Configuring Syslog and NTP (Instructor Version)
(Instructor Version) Instructor Note: Red font color or Gray highlights indicate text that appears in the instructor copy only. Topology Addressing Table Objectives Device Interface IP Address Subnet Mask
More informationConfiguring DNS. Finding Feature Information
The Domain Name System (DNS) is a distributed database in which you can map hostnames to IP addresses through the DNS protocol from a DNS server. Each unique IP address can have an associated hostname.
More informationSNMP Version 3. Finding Feature Information. Information About SNMP Version 3. Security Features in SNMP Version 3
The feature provides secure access to devices by authenticating and encrypting data packets over the network. Simple Network Management Protocol version 3 (SNMPv3) is an interoperable, standards-based
More informationConfiguring the Content Routing Software
CHAPTER 2 This chapter describes the basic steps for configuring the Content Router software. Performing a Basic Startup Configuration After you physically install the Content Router hardware, configure
More informationACS 5.x and later: Integration with Microsoft Active Directory Configuration Example
ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example Document ID: 113571 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information
More informationHow Do I Upgrade Firmware and Save Configurations on PowerConnect Switches?
PowerConnect Application Note #12 February 2004 How Do I Upgrade Firmware and Save Configurations on PowerConnect Switches? This Application Notes relates to the following Dell PowerConnect products: PowerConnect
More informationThe Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series
Cisco IOS Firewall Feature Set Feature Summary The Cisco IOS Firewall feature set is available in Cisco IOS Release 12.0. This document includes information that is new in Cisco IOS Release 12.0(1)T, including
More informationCCNA DATA CENTER BOOT CAMP: DCICN + DCICT
CCNA DATA CENTER BOOT CAMP: DCICN + DCICT COURSE OVERVIEW: In this accelerated course you will be introduced to the three primary technologies that are used in the Cisco data center. You will become familiar
More informationTransferring Files Using HTTP or HTTPS
Transferring Files Using HTTP or HTTPS First Published: May 5, 2005 Last Updated: May 14, 2009 Cisco IOS Release 12.4 provides the ability to transfer files between your Cisco IOS software-based device
More informationCisco Data Centre: Introducing Cisco Data Center Networking
coursemonster.com/uk Cisco Data Centre: Introducing Cisco Data Center Networking View training dates» Overview In the Introducing Cisco Data Center Networking training course, delegates will learn to:â
More informationChapter 1 Introduction to Network Maintenance Objectives
Introduction to Network Maintenance Objectives Describe network maintenance tasks Explain the difference between proactive and reactive network maintenance. Describe well-known network maintenance models.
More informationConfiguring Network Load Balancing for vethernet
Configuring Network Load Balancing for vethernet This chapter contains the following sections: Information About Microsoft Network Load Balancing, page 1 Guidelines and Limitations, page 1 Configuring
More informationHow to Configure Cisco 2600 Routers
Helsinki University of Technology Department of Communications and Networking How to Configure Cisco 2600 Routers Juha Järvinen 10.6.2004 Juha.Jarvinen@netlab.hut.fi Modified by Zhong Yunqiu 7.8.2008 Table
More informationConfiguring CSS Remote Access Methods
CHAPTER 11 Configuring CSS Remote Access Methods This chapter describes how to configure the Secure Shell Daemon (SSH), Remote Authentication Dial-In User Service (RADIUS), and the Terminal Access Controller
More informationInstalling, Uninstalling, and Upgrading Service Monitor
CHAPTER 2 Installing, Uninstalling, and Upgrading Service Monitor This section contains the following topics: Preparing to Install Service Monitor, page 2-1 Installing Cisco Unified Service Monitor, page
More informationAdministering Cisco ISE
CHAPTER 8 This chapter describes the administrative activities for the Cisco Identity Services Engine (ISE) and how to perform them. The following topics are covered: Logging In, page 8-1 System Time and
More informationConfiguring Network Load Balancing for vethernet
Configuring Network Load Balancing for vethernet This chapter contains the following sections: Information About Microsoft Network Load Balancing, page 1 Guidelines and Limitations, page 1 Configuring
More informationImplementing Secure Shell
Secure Shell (SSH) is an application and a protocol that provides a secure replacement to the Berkeley r-tools. The protocol secures sessions using standard cryptographic mechanisms, and the application
More informationNote: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.
Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the
More informationConfiguring DHCP Snooping and IP Source Guard
CHAPTER 19 This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping and IP Source Guard on Catalyst 4500 series switches. It provides guidelines, procedures, and configuration
More informationOSPF Test Suite and Router configuration
OSPF Test Suite and Router configuration Codenomicon Solution Note Version: 2012-03-02 1 INTRODUCTION This document will give detailed information how to configure Cisco routers and OpenBSD servers to
More informationConfiguring Basic Settings
CHAPTER 9 This chapter describes how to configure basic settings on your ASASM that are typically required for a functioning configuration. This chapter includes the following sections: Configuring the
More informationInterconnecting Cisco Network Devices 1 Course, Class Outline
www.etidaho.com (208) 327-0768 Interconnecting Cisco Network Devices 1 Course, Class Outline 5 Days Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructorled training course
More informationNetFlow Aggregation. Feature Overview. Aggregation Cache Schemes
NetFlow Aggregation This document describes the Cisco IOS NetFlow Aggregation feature, which allows Cisco NetFlow users to summarize NetFlow export data on an IOS router before the data is exported to
More information100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)
100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1) Course Overview This course provides students with the knowledge and skills to implement and support a small switched and routed network.
More informationTable of Contents. Cisco Network Time Protocol: Best Practices White Paper
Table of Contents Network Time Protocol: Best Practices White Paper...1 Introduction...1 Background Information...1 Terminology...2 Overview...3 Device Overview...3 NTP Overview...4 NTP Design Criteria...5
More informationSupported Platforms. Supported Standards, MIBs, and RFCs. Prerequisites. Related Features and Technologies. Related Documents. Improved Server Access
Configuring Timeout, Retransmission, and Key Values per RADIUS Server The Configuring Timeout, Retransmission, and Key Values per RADIUS Server feature extends the functionality of the existing radius-server
More informationConfiguring DHCP Snooping
CHAPTER 19 This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping on Catalyst 4500 series switches. It provides guidelines, procedures, and configuration examples.
More informationConfiguring IKEv2 Load Balancer
The IKEv2 Load Balancer feature provides support for enabling clusters of FlexVPN gateways and distributes incoming Internet Key Exchange Version 2 (IKEv2) connection requests among FlexVPN gateways. This
More informationConfiguring NetFlow Secure Event Logging (NSEL)
73 CHAPTER This chapter describes how to configure NSEL, a security logging mechanism that is built on NetFlow Version 9 technology, and how to handle events and syslog messages through NSEL. The chapter
More informationGeschreven door Administrator woensdag 13 februari 2013 17:37 - Laatst aangepast woensdag 13 februari 2013 18:05
Nexus 1000V returns the control of networking back to network administrators so that there is a clear boundary between server administrators and network administrators. For small businesses, one administrator
More informationChapter 6 Updating Software Images and Configuration Files
Chapter 6 Updating Software Images and Configuration Files This chapter describes how to copy and save configuration files and software image files. Downloading and Uploading a Software Image on a TFTP
More informationConfiguring Stickiness
CHAPTER5 This chapter describes how to configure stickiness (sometimes referred to as session persistence) on an ACE module. It contains the following major sections: Stickiness Overview Configuration
More informationManaging ACE Software Licenses
CHAPTER 2 This chapter describes how to manage the software licenses for your Cisco 4700 Series Application Control Engine (ACE) appliance. It contains the following major sections: Information about ACE
More informationEnabling Management Protocols: NTP, SNMP, and Syslog
SECTION 7 Enabling Management Protocols: NTP, SNMP, and Syslog In this Section This section describes how to enable basic management protocols on a Cisco AS5800 and Cisco AS5300 as part of a dial access
More informationConfiguring System Message Logging
CHAPTER 25 This chapter describes how to configure system message logging on the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used in this chapter, see the Cisco
More informationTech Note Cisco IOS SNMP Traps Supported and How to Conf
Tech Note Cisco IOS SNMP Traps Supported and How to Conf Table of Contents Cisco IOS SNMP Traps Supported and How to Configure Them...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1
More informationIPv6 Diagnostic and Troubleshooting
8 IPv6 Diagnostic and Troubleshooting Contents Introduction.................................................. 8-2 ICMP Rate-Limiting........................................... 8-2 Ping for IPv6 (Ping6)..........................................
More informationConfiguring Network QoS
CHAPTER 8 This chapter describes how to configure a network qos policy for the Cisco NX-OS device in the Data Center Bridging (DCB) network. This chapter includes the following sections: Note This chapter
More informationConfiguring SNMP and using the NetFlow MIB to Monitor NetFlow Data
Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data NetFlow is a technology that provides highly granular per-flow statistics on traffic in a Cisco router. The NetFlow MIB feature provides
More informationUsing the X-Series Command Line Interface (CLI)
Using the X-Series Command Line Interface (CLI) CLI Guide Websense X-Series Appliances v8.0.x Websense X-Series appliances are configured and maintained through a command line interface (CLI). The CLI:
More informationUsing Cisco IOS Software
Using Cisco IOS Software This chapter provides helpful tips for understanding and configuring Cisco IOS software using the command-line interface (CLI). It contains the following sections: Understanding
More informationChapter 8 Router and Network Management
Chapter 8 Router and Network Management This chapter describes how to use the network management features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. These features can be found by
More informationDomain Name System Server Round-Robin Functionality for the Cisco AS5800
Domain Name System Server Round-Robin Functionality for the Cisco AS5800 This feature module describes Domain Name System (DNS) server round-robin functionality for the Cisco AS5800 universal access server.
More informationUsing RADIUS Agent for Transparent User Identification
Using RADIUS Agent for Transparent User Identification Using RADIUS Agent Web Security Solutions Version 7.7, 7.8 Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your
More information642 523 Securing Networks with PIX and ASA
642 523 Securing Networks with PIX and ASA Course Number: 642 523 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional and the Cisco Firewall
More informationConfiguring PROFINET
CHAPTER 9 This chapter describes how to configure the PROFINET feature on the Cisco IE 3000 switch. Understanding PROFINET, page 9-1, page 9-4 Displaying the PROFINET Configuration, page 9-5 Troubleshooting
More informationBASIC FIREWALL SERVICES
BASIC FIREWALL SERVICES Course # 1202 1 Services! NTP Network Time! DHCP Relay Server! DNS Proxy Server! Dynamic DNS! High Availability! Remote Logging! SNMP 2 NTP Network Time Service! NTP server will
More information- 1 - SmartStor Cloud Web Admin Manual
- 1 - SmartStor Cloud Web Admin Manual Administrator Full language manuals are available in product disc or website. The SmartStor Cloud Administrator web site is used to control, setup, monitor, and manage
More informationEnhanced Password Security - Phase I
Enhanced Password Security - Phase I Feature History 120(18)S This feature was introduced This document describes the Enhanced Password Security feature in It includes the following sections: Feature Overview,
More informationLAB II: Securing The Data Path and Routing Infrastructure
LAB II: Securing The Data Path and Routing Infrastructure 8. Create Packet Filters a. Create a packet filter which will deny packets that have obviously bogus IP source addresses but permit everything
More informationTable of Contents. Configuring IP Access Lists
Table of Contents...1 Introduction...1 Prerequisites...2 Hardware and Software Versions...2 Understanding ACL Concepts...2 Using Masks...2 Summarizing ACLs...3 Processing ACLs...4 Defining Ports and Message
More information1 Synchronizing Windows computers
Technical Note: NTP time servers Synchronizing Windows Computers Purpose: The purpose of this document is to provide detailed information on synchronizing Windows 7, 2008, 2003 and 2000 Stand-Alone PCs
More informationGS752TP, GS728TP, and GS728TPP Gigabit Smart Switches
GS752TP, GS728TP, and GS728TPP Gigabit Smart Switches Software Administration Manual December 2013 202-11137-04 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products.
More informationConfiguring Redundancy
7 CHAPTER This chapter describes how to configure redundancy and contains these sections: Configuring Fault Tolerance, page 7-1 Configuring HSRP, page 7-5 Configuring Interface and Device Tracking, page
More informationConfiguring the Cisco IOS In-Service Software Upgrade Process
CHAPTER 6 Configuring the Cisco IOS In-Service Software Upgrade Process Starting with Cisco IOS 12.2(31)SGA, ISSU is supported on the Catalyst 4500. All line cards are supported. Operating on redundant
More information95 Methodist Hill Drive Suite 500 Rochester, New York 14623
WINDOWS 2000/2003/XP NETWORK TIME SYNCHRONIZATION USING A SPECTRACOM NETCLOCK (MODELS 9283, 9289, 9183, 9189, 8189, AND TTS SERIES) OR ETHERNET TIME SERVER (MODELS 9288, 9188, AND 8188) This Application
More informationIP Application Services Commands show vrrp. This command was introduced. If no group is specified, the status for all groups is displayed.
show vrrp show vrrp To display a brief or detailed status of one or all configured Virtual Router Redundancy Protocol (VRRP) groups on the router, use the show vrrp command in privileged EXEC mode. show
More information